package SpringBoot.spring_boot_starter_security.D03_权限校验.controller;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import com.titan.core.web.utils.ControllerUtils;

/**
 *
 *
 * @author 周成功
 *
 */
@RestController
public class D03Controller {
    @PreAuthorize("hasRole('ROLE_ADMIN')")   // ROLE_ADMIN   ROLE_USER
    @RequestMapping("/authorize")  
    public void authorize(HttpServletRequest request, HttpServletResponse response) throws Exception {
        ControllerUtils.writeHtml(response, "需要有权限才能显示");
    }
    
    
    @RequestMapping("/security")  
    public void security(HttpServletRequest request, HttpServletResponse response) throws Exception {
        ControllerUtils.writeHtml(response, "需要验证才能显示");
    }
    
    
    @RequestMapping("/hello")  
    public void hello(HttpServletRequest request, HttpServletResponse response) throws Exception {
        ControllerUtils.writeHtml(response, "不验证哦");
    }
}
